Hacking Team data leak 'reveals links to Sudan and Russia'

Cyber criminals hack spy tool vendor to 'show it sold products to UN-embargoed Sudan'

A surveillance and exploit tool vendor has been hacked, with documents revealing commercial links to countries it has denied doing business with.

The Italian company, Hacking Team, specialises in "offensive security", providing software to gain access to systems and collect data undetected.

However, its network was compromised at some point on Sunday evening by unknown cyber criminals, who hijacked its Twitter page to rename it 'Hacked Team', and posted a link to a torrent containing 400GB of stolen information.

Advertisement - Article continues below

The leaked files appear to show links between Hacking Team and countries such as Sudan and the United Arab Emirates.

Both governments have been criticised by Human Rights Watch in the past for oppressive regimes, and Sudan in particular is currently under a UN trade embargo.

A report by Citizen Lab in 2014 suggested that Hacking Team's Remote Control software was in use in the Sudan despite the embargo banning this, and a UN investigation has been ongoing for around a year.

Hacking Team has previously stated that it "has no business relations or any agreements that would allow the Sudan or any entity in its territory to use the software", but the leaked files suggest this is not true.

An invoice dated 5 September 2012 references a contract signed on 29 June that year between Sudan and Hacking Team.

Advertisement - Article continues below

The contract, apparently for the vendor's Remote Control software, was worth 960,000.

Advertisement - Article continues below

An internal maintenance document listing customers' subscription statuses also lists Sudan as "not officially supported"  a category it shares with Russia.

Speaking with IBTimes in 2013, Eric Rabe, Hacking Team's head of communications, was keen to emphasise the legality of the company's dealings.

"The process under which Hacking Team sells its products is designed to make sure they are not abused and they are used in accordance with the applicable laws and international standards such as black lists that restrict where some products like this can be sold," he told the site.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now


mobile security

Parachute's Superlock feature keeps your phone recording in an emergency

2 Jun 2020
ethical hacking

Developer scores $100,000 bounty from Apple for exposing a critical vulnerability

1 Jun 2020

Hackers are wreaking havoc on Google’s Cloud infrastructure

1 Jun 2020

K2View innovates in data management with new encryption patent

28 May 2020

Most Popular

network attached storage (NAS)

Western Digital accused of sneaking inferior SMR tech into NAS drives

1 Jun 2020
data breaches

EasyJet faces class-action lawsuit over data breach

26 May 2020
Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020